Privacy Policy

Introduction

1. This data protection and privacy policy (hereinafter the “Policy") describes how ziik.io (Chainintra ApS) (hereinafter "us", "we" or "our") as data controller(s) collect and process personal data about you in connection with your use of our website and our services.

2. The Policy is formulated and made available to you in order for us to comply with the EU General Data Protection Regulation (2016/679 of 27 April 2016) (hereinafter ”GDPR”).

Gathering of data via use of cookies

1. When you visit our website and use our services, we collect data information and data about you via the use of cookies. We kindly refer to our cookie policy for more information.

2. Irrespective of the above, the collection of personal data via cookies will be done in accordance with the cookie order (no. 1148 of 9 December 2011), § 3.

Personal data we collect about you

1. When you purchase our services or products, use our websites or sign up for newsletters or the like, we may, depending on the specific circumstances, collect and process a number of personal data about you to complete your use or order of our services or products. These personal data include the following: name, telephone number, e-mail. If you disclose or send us other personal data voluntarily, we will also process such data in accordance with this Policy.

Email Marketing

2. We do not process your personal data for other purposes than what is indicated in section 3.1 and 3.3.

3. We do not process personal data about children under 13 years old.

4. We do not collect or process sensitive personal data (so-called "special categories of personal data") about you.

Legal basis for processing

1. We only collect and process your information and data in accordance with applicable law, including GDPR. Our collection and processing of your personal data is done based on the following legal basis:

a. if we have asked for your consent, when you have given consent hereto, cf. GDPR, article 6 (1) (a);

b. when the processing is necessary for the performance of a contract you have with us, cf. GDPR, article 6 (1)(b);

c. when the processing is necessary for our compliance with applicable legal obligations, cf. GDPR, article 6 (1) (c); and

d. when the processing is necessary for the purposes of our legitimate interests, cf. GDPR, article 6 (1) (f), including the following legitimate interests: prevention of fraud and improper use of our products, services or websites and to improve our products, services and websites.

2. If we process sensitive personal data (so-called "special categories of personal data") about you, the processing will only take place if it is permitted by GDPR, including but not limited to the following instances:

a. the processing is based on your explicit consent in accordance with the GDPR, article 9 (2) (a);

b. the processing is necessary for the purposes of carrying out the obligations and exercising specific rights of us or you in the field of employment and social security and social protection law in so far as it is authorized by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of you, cf. GDPR, article 9 (2) (b);

c. the processing is necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity, cf. GDPR, article 9 (2) (f); or

d. if you have on your own initiative disclosed the information to us, cf. GDPR, article (9) (2) (e).

3. If we send direct marketing to you, including by e-mail, we will ask for your prior consent in accordance with the applicable Marketing Act.

4. If we process your personal data based on your consent, you can always withdraw your consent by contacting us at the contact details listed at the bottom of this policy. If you withdraw your consent, we will delete the personal data we processed on the basis of your consent unless they can or must be processed, for example, to comply with a legal obligation.

Disclosure and transfer of your personal data

1. From time to time we use external companies as suppliers to deliver and assist us in delivering our services. The external suppliers will not receive or process your personal data unless the applicable law allows for such transfer and processing.

2. Where the external parties are data processors, the processing is always performed on the basis of a data processor agreement in accordance with the requirements hereto under GDPR.

3. Where the external parties are data controllers, the processing of your personal data will be performed based on said external parties’ own data privacy policy and legal basis that you will be informed on unless the applicable legislation allows otherwise.

4. We do not transfer or disclose your personal data to third-parties outside the EU or EEA.

5. We only pass your personal data to others if the law allows it or requires it.

6. If you have any questions about our use of data processors, cooperation with other data controllers, including subsidiary companies, or transferring of data to third countries, please contact us for more information or documentation of our legal basis for said transfers.

Deletion and retention

We ensure on an ongoing basis that your personal data is deleted once the personal data is no longer relevant for us to follow our legitimate purposes. We do, however, retain your personal data to the extent that the applicable law obliges us hereto, as is the case with for example accounting and bookkeeping materials and records. If you have any questions about our retention of your personal data, please contact the e- mail mentioned at the bottom of this Policy.

Your rights as a data subject

1. As a data subject under GDPR, you have number of rights that we can assist you with. Your rights include the following:

a. You have the right to access into what personal data we process about you, for what purposes we process the personal data and whether we disclose or transfer your personal data to others.

b. You have the right to have incorrect information rectified.

c. In certain cases, you have the right to deletion of certain of your personal data.

d. You may, in certain cases, have the right to restriction of our processing of your personal data.

e. You are under certain circumstances entitled to so-called data portability of the personal data you have provided to us.

f. You may, in certain cases, have the right to object to our processing of your personal data based on reasons and circumstances that pertain to your particular situation.

2. If you wish to make use of your rights as described above, please use the contact details provided at the end of this Policy.

3. We strive to do everything to meet your wishes regarding our processing of personal data and your rights as a data subject. If you despite our endeavors wish to file a complaint, you can do so by contacting the national Data Protection Agency.

Changes to this Policy

1. The rapid development of the internet and available technology means that changes in our processing of personal data may become necessary. We therefore reserve the right to update and amend this Policy. If we do, we correct the date and the version at the bottom of the page. In case of significant changes, we will notify you in the form of a visible notice on our website or by direct message.

Contact

If you have questions or comments about this Policy or if you would like to invoke one or more of your rights as a data subject, please contact us at Soren Iversen, soren@ziik.io, +447908376458. You may also contact our Data Protection Officer (DPO) by using the following information: Soren Iversen, soren@ziik.io, +447908376458.